Power BI Access Token API not working in Angular - javascript

Trying to embed PowerBI dashboard into angular App. The API call to get access token is working in API is working in Postman but not working in Angular $http.post
Here is my http request:
Request URL:https://login.microsoftonline.com/common/oauth2/token
Request Method:POST
Status Code:400 Bad Request
Remote Address:104.211.216.34:443
Referrer Policy:no-referrer-when-downgrade
Response Headers
view source
Cache-Control:no-cache, no-store
Content-Length:435
Content-Type:application/json; charset=utf-8
Date:Tue, 28 Nov 2017 12:39:04 GMT
Expires:-1
P3P:CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma:no-cache
Server:Microsoft-IIS/8.5
Set-Cookie:esctx=AQABAAAAAABHh4kmS_aKT5XrjzxRAtHzOEDuOCnOGQdXuNJYF9t_l4l8QbiGM-1SOn4WhmgW5oU1BTHew-wFbpdzDe250yG1ODXnl9crMy97-PJdBUTJD2hCZ0fjpleNFz13Xbl3nDt21xoySABfsdxlxd8ODv8ryZ_n2CwnYMpM_yEoQG5tSxlh-SdOviP8tF3-n_uBqZwgAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly
Set-Cookie:x-ms-gateway-slice=004; path=/; secure; HttpOnly
Set-Cookie:stsservicecookie=ests; path=/; secure; HttpOnly
Strict-Transport-Security:max-age=31536000; includeSubDomains
X-Content-Type-Options:nosniff
x-ms-request-id:5f039662-e0ce-425a-9e38-1593c64c7b00
X-Powered-By:ASP.NET
Request Headers
view source
Accept:application/json, text/plain, */*
Accept-Encoding:gzip, deflate, br
Accept-Language:en-GB,en-US;q=0.9,en;q=0.8
Access-Control-Allow-Origin:*
Connection:keep-alive
Content-Length:188
Content-Type:application/x-www-form-urlencoded
Host:login.microsoftonline.com
Origin:http://evil.com/
Referer:http://localhost:9000/power-bi
roleId:57be85636318773723861b99
token:W0JANTc3YjEwMTY
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36
Form Data
view source
view URL encoded
{"grant_type":"password","client_id":"clientId","resource":"https://analysis.windows.net/powerbi/api","username":"username","password": "password"}
Response is :
correlation_id : "1e68335a-6b6d-441d-90d3-eb8c88929a37"
error:"invalid_request"
error_codes:[90014]
error_description:"AADSTS90014: The request body must contain the following parameter: 'grant_type'.
↵Trace ID: 5f039662-e0ce-425a-9e38-1593c64c7b00
↵Correlation ID: 1e68335a-6b6d-441d-90d3-eb8c88929a37
↵Timestamp: 2017-11-28 12:39:05Z"
timestamp:"2017-11-28 12:39:05Z"
trace_id:"5f039662-e0ce-425a-9e38-1593c64c7b00"
can anyone please help me out of this hitch??

I got the Solution. I got that error i was making API call correctly. it expects data to be sent in 'Content-Type':'application/x-www-form-urlencoded' and data is serialised.
This code worked :
$http({
headers: {'Content-Type':'application/x-www-form-urlencoded; charset=UTF-8'},
url: 'https://login.microsoftonline.com/common/oauth2/token',
method: 'POST',
transformRequest: $httpParamSerializer,
transformResponse: function (x) {
return angular.fromJson(angular.fromJson(x));
},
data: {
grant_type:'password',
client_id: "client_id",
resource:'https://analysis.windows.net/powerbi/api',
username:"username",
password: "pwd",
client_secret: "client_secret"
}
})
I hope this answer will be useful anyone who face same problem in future.

Related

get method working, but not post - ZapWorks Studio

I'm using zapworks studio to develop an AR experience. It uses Z.ajax to make the ajax calls. I make a GET request and a POST request. I'm also using smileupps to host couchdb(they have free hosting). Here's the CORS configuration:
credentials: false; headers:Accept, Authorization, Content-Type, Origin;
methods: GET,POST,PUT,DELETE,OPTIONS,HEAD; origins: *
Everything works fine when launching ZapWorks Studio on windows. When scanning the zapcode with an android device, however, the post ajax call fails. Only the post. I am using basic authentication. I enforce that only the admin can manage the database on couchdb. I can access the host from both the desktop and the phone from a web browser to do everything manually.
I tried everything I could of to solve the problem: remove authentication, change the CORS configuration...nothing works. I thought it was an issue with CORS but everything works fine on windows and on the mobile just the POST fails...I keep getting a status code of 0.
EDIT - New info, testing on apitester also works on the desktop and mobile.
EDIT - Here's the zpp to show the logic
EDIT - Tried with REST Api Client on my phone and it worked as well. This can only be a CORS issue or something with zapworks. Weird that it works on windows but not on the phone.
EDIT - I found out what the problem is, but not how to fix it. So I set a proxy to debug the requests made from zapworks studio following this tutorial. It seems that it does a preflight request but gets the response
"HTTP/1.1 405 Method Not Allowed"
even though the payload is
{"error":"method_not_allowed","reason":"Only DELETE,GET,HEAD,POST
allowed"}.
Here's the request:
OPTIONS /ranking HTTP/1.1
Host: somehost.com
Connection: keep-alive
Access-Control-Request-Method: POST
Origin: null
User-Agent: Mozilla/5.0 (Linux; Android 8.0.0; SM-G950U1 Build/R16NW; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/67.0.3396.87 Mobile Safari/537.36
Access-Control-Request-Headers: authorization,content-type,x-requested-with
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US
X-Requested-With: com.zappar.Zappar
and the response:
HTTP/1.1 405 Method Not Allowed
Server: CouchDB/1.6.0 (Erlang OTP/R15B01)
Date: Mon, 18 Jun 2018 21:22:12 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 76
Cache-Control: must-revalidate
Allow: DELETE,GET,HEAD,POST
Access-Control-Expose-Headers: Cache-Control, Content-Type, Server
Access-Control-Allow-Origin: null
Connection: keep-alive
{"error":"method_not_allowed","reason":"Only DELETE,GET,HEAD,POST allowed"}
which clearly shows that POST is allowed...
On the windows side, there doesn't seem to be a preflight request for some reason and my guess is that's why it works. Now the question is how do I configure CORS on couchdb to work on android. These are the configurations available:
enable_cors: true
credentials: false
headers:Accept, Authorization, Content-Type, Origin
methods:GET,POST,PUT,DELETE,OPTIONS,HEAD
origins:*
This is the code:
const Open_SansRegular_ttf0 = symbol.nodes.Open_SansRegular_ttf0;
parent.on("ready", () => {
const Plane0 = symbol.nodes.Plane0;
let ajaxParameters : Z.Ajax.Parameters = {
url: "https://something.smileupps.com/test/_all_docs?include_docs=true",
headers: {"Authorization": "Basic my64encoding"},
method: "GET",
timeout: 3000
};
// Perform the AJAX request
Z.ajax(ajaxParameters, (statusCode, data, request) => {checkRequest(statusCode, data);});
ajaxParameters = {
url: "https://something.smileupps.com/test",
headers: {"Content-Type":"application/json", "Authorization": "Basic my64encoding"},
method: "POST",
body: '{"name" : "asdasd", "something": 234}',
timeout: 3000
};
Z.ajax(ajaxParameters, (statusCode, data, request) => {checkRequest(statusCode, data);});
});
function checkRequest(statusCode, data) {
if (statusCode === 0) {
Open_SansRegular_ttf0.text("Unable to connect - check network connection.");
console.log("Unable to connect - check network connection.");
return;
}
if (statusCode < 200 || statusCode >= 300) {
Open_SansRegular_ttf0.text("HTTP request failed: " + statusCode);
console.log("HTTP request failed: " + statusCode);
return;
}
// Attempt to parse the data returned from the AJAX request as JSON
let parsedData;
try {
// https://developer.mozilla.org/en/docs/Web/JavaScript/Reference/Global_Objects/JSON/parse
parsedData = JSON.parse(data);
} catch (e) {
Open_SansRegular_ttf0.text("Unable to parse JSON: " + e);
console.log("Unable to parse JSON: " + e);
return;
}
return parsedData;
}
EDIT
Here's the request on windows
Accept:*/*
Accept-Encoding:gzip, deflate
Accept-Language:en-US
Authorization:Basic mybase64encoding
Connection:keep-alive
Content-Length:37
Content-Type:application/json
Host:http://something.smileupps.com/test
Origin:file://
User-Agent:Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) ZapWorksStudio/4.0.4-stable Chrome/58.0.3029.110 Electron/1.7.9 Safari/537.36
X-DevTools-Request-Id:3680.9
X-Requested-With:XMLHttpRequest
and the response:
Access-Control-Allow-Origin:file://
Access-Control-Expose-Headers:Cache-Control, Content-Type, ETag, Server
Cache-Control:must-revalidate
Content-Length:95
Content-Type:text/plain; charset=utf-8
Date:Mon, 18 Jun 2018 21:36:22 GMT
ETag:"1-512f89feb3d0a88781119e772ec6fd7b"
Location:http://something.smileupps.com/test
Server:CouchDB/1.6.0 (Erlang OTP/R15B01)
No preflight.
Your problem is in the request: Origin: null is usually what you get when the Web page containing the xhr request is opened with the file: rather than the http or https protocol. You won't get any successful CORS request with such an origin.

AJAX POST, why is data sent over URL?

I make an Ajax Post and get the following error:
414 Request-URI Too Large
Why is the data still sent over the URL and not only in the body?
In Chrome is see param1 data in the request URL, query string parameters and in request payload, how to remove it from the URL?
routes = JSON.stringify(routes);
$.ajax({
type: "POST",
url: "http://127.0.0.1:3000/s",
data: {
param1: routes
},
success: function(data) {
$('div.home-products').html(
data);
}
});
This is the full routes object after stringify:
{"0":{"result_api":{"geocoded_waypoints":[{},{}],"routes":[],"status":"ZERO_RESULTS","request":{"origin":{"location":{"lat":-19.9245,"lng":-43.93520000000001}},"destination":{"location":{"lat":40.7127753,"lng":-74.0059728}},"travelMode":"DRIVING"}},"id":54},"1":{"result_api":{"geocoded_waypoints":[{},{}],"routes":[],"status":"ZERO_RESULTS","request":{"origin":{"location":{"lat":52.52,"lng":13.404999999999973}},"destination":{"location":{"lat":40.7127753,"lng":-74.0059728}},"travelMode":"DRIVING"}},"id":53},"2":{"result_api":{"geocoded_waypoints":[{},{}],"routes":[],"status":"ZERO_RESULTS","request":{"origin":{"location":{"lat":44.7866,"lng":20.44889999999998}},"destination":{"location":{"lat":40.7127753,"lng":-74.0059728}},"travelMode":"DRIVING"}},"id":52},"3":{"result_api":{"geocoded_waypoints":[{},{}],"routes":[],"status":"ZERO_RESULTS","request":{"origin":{"location":{"lat":37.9838,"lng":23.727499999999964}},"destination":{"location":{"lat":40.7127753,"lng":-74.0059728}},"travelMode":"DRIVING"}},"id":51},"4":{"result_api":{"geocoded_waypoints":[{},{}],"routes":[],"status":"ZERO_RESULTS","request":{"origin":{"location":{"lat":40.8518,"lng":14.268100000000004}},"destination":{"location":{"lat":40.7127753,"lng":-74.0059728}},"travelMode":"DRIVING"}},"id":50},"5":{"result_api":{"geocoded_waypoints":[{},{}],"routes":[],"status":"ZERO_RESULTS","request":{"origin":{"location":{"lat":48.0527,"lng":12.224500000000035}},"destination":{"location":{"lat":40.7127753,"lng":-74.0059728}},"travelMode":"DRIVING"}},"id":49},"6":{"result_api":{"geocoded_waypoints":[{},{}],"routes":[],"status":"ZERO_RESULTS","request":{"origin":{"location":{"lat":48.8566,"lng":2.3522199999999884}},"destination":{"location":{"lat":40.7127753,"lng":-74.0059728}},"travelMode":"DRIVING"}},"id":48},"7":{"result_api":{"geocoded_waypoints":[{},{}],"routes":[],"status":"ZERO_RESULTS","request":{"origin":{"location":{"lat":51.0504,"lng":13.737300000000005}},"destination":{"location":{"lat":40.7127753,"lng":-74.0059728}},"travelMode":"DRIVING"}},"id":47},"8":{"result_api":{"geocoded_waypoints":[{},{}],"routes":[],"status":"ZERO_RESULTS","request":{"origin":{"location":{"lat":49.7764,"lng":12.091699999999946}},"destination":{"location":{"lat":40.7127753,"lng":-74.0059728}},"travelMode":"DRIVING"}},"id":46},"9":{"result_api":{"geocoded_waypoints":[{},{}],"routes":[],"status":"ZERO_RESULTS","request":{"origin":{"location":{"lat":49.7764,"lng":12.091699999999946}},"destination":{"location":{"lat":40.7127753,"lng":-74.0059728}},"travelMode":"DRIVING"}},"id":44}}
This the Chrome network
Request URL: http://127.0.0.1:3000/en/s?param1=%7B%220%22%3A%7B%22result_api%22%3A%7B%22geocoded_waypoints%22%3A%5B%7B%7D%2C%7B%7D%5D%2C%22routes%22%3A%5B%5D%2C%22status%22%3A%22ZERO_RESULTS%22%2C%22request%22%3A%7B%22origin%22%3A%7B%22location%22%3A%7B%22lat%22%3A-19.9245%2C%22lng%22%3A-43.93520000000001%7D%7D%2C%22destination%22%3A%7B%22location%22%3A%7B%22lat%22%3A40.7127753%2C%22lng%22%3A-74.0059728%7D%7D%2C%22travelMode%22%3A%22DRIVING%22%7D%7D%2C%22id%22%3A54%7D%2C%221%22%3A%7B%22result_api%22%3A%7B%22geocoded_waypoints%22%3A%5B%7B%7D%2C%7B%7D%5D%2C%22routes%22%3A%5B%5D%2C%22status%22%3A%22ZERO_RESULTS%22%2C%22request%22%3A%7B%22origin%22%3A%7B%22location%22%3A%7B%22lat%22%3A52.52%2C%22lng%22%3A13.404999999999973%7D%7D%2C%22destination%22%3A%7B%22location%22%3A%7B%22lat%22%3A40.7127753%2C%22lng%22%3A-74.0059728%7D%7D%2C%22travelMode%22%3A%22DRIVING%22%7D%7D%2C%22id%22%3A53%7D%2C%222%22%3A%7B%22result_api%22%3A%7B%22geocoded_waypoints%22%3A%5B%7B%7D%2C%7B%7D%5D%2C%22routes%22%3A%5B%5D%2C%22status%22%3A%22ZERO_RESULTS%22%2C%22request%22%3A%7B%22origin%22%3A%7B%22location%22%3A%7B%22lat%22%3A44.7866%2C%22lng%22%3A20.44889999999998%7D%7D%2C%22destination%22%3A%7B%22location%22%3A%7B%22lat%22%3A40.7127753%2C%22lng%22%3A-74.0059728%7D%7D%2C%22travelMode%22%3A%22DRIVING%22%7D%7D%2C%22id%22%3A52%7D%2C%223%22%3A%7B%22result_api%22%3A%7B%22geocoded_waypoints%22%3A%5B%7B%7D%2C%7B%7D%5D%2C%22routes%22%3A%5B%5D%2C%22status%22%3A%22ZERO_RESULTS%22%2C%22request%22%3A%7B%22origin%22%3A%7B%22location%22%3A%7B%22lat%22%3A37.9838%2C%22lng%22%3A23.727499999999964%7D%7D%2C%22destination%22%3A%7B%22location%22%3A%7B%22lat%22%3A40.7127753%2C%22lng%22%3A-74.0059728%7D%7D%2C%22travelMode%22%3A%22DRIVING%22%7D%7D%2C%22id%22%3A51%7D%2C%224%22%3A%7B%22result_api%22%3A%7B%22geocoded_waypoints%22%3A%5B%7B%7D%2C%7B%7D%5D%2C%22routes%22%3A%5B%5D%2C%22status%22%3A%22ZERO_RESULTS%22%2C%22request%22%3A%7B%22origin%22%3A%7B%22location%22%3A%7B%22lat%22%3A40.8518%2C%22lng%22%3A14.268100000000004%7D%7D%2C%22destination%22%3A%7B%22location%22%3A%7B%22lat%22%3A40.7127753%2C%22lng%22%3A-74.0059728%7D%7D%2C%22travelMode%22%3A%22DRIVING%22%7D%7D%2C%22id%22%3A50%7D%2C%225%22%3A%7B%22result_api%22%3A%7B%22geocoded_waypoints%22%3A%5B%7B%7D%2C%7B%7D%5D%2C%22routes%22%3A%5B%5D%2C%22status%22%3A%22ZERO_RESULTS%22%2C%22request%22%3A%7B%22origin%22%3A%7B%22location%22%3A%7B%22lat%22%3A48.0527%2C%22lng%22%3A12.224500000000035%7D%7D%2C%22destination%22%3A%7B%22location%22%3A%7B%22lat%22%3A40.7127753%2C%22lng%22%3A-74.0059728%7D%7D%2C%22travelMode%22%3A%22DRIVING%22%7D%7D%2C%22id%22%3A49%7D%2C%226%22%3A%7B%22result_api%22%3A%7B%22geocoded_waypoints%22%3A%5B%7B%7D%2C%7B%7D%5D%2C%22routes%22%3A%5B%5D%2C%22status%22%3A%22ZERO_RESULTS%22%2C%22request%22%3A%7B%22origin%22%3A%7B%22location%22%3A%7B%22lat%22%3A48.8566%2C%22lng%22%3A2.3522199999999884%7D%7D%2C%22destination%22%3A%7B%22location%22%3A%7B%22lat%22%3A40.7127753%2C%22lng%22%3A-74.0059728%7D%7D%2C%22travelMode%22%3A%22DRIVING%22%7D%7D%2C%22id%22%3A48%7D%2C%227%22%3A%7B%22result_api%22%3A%7B%22geocoded_waypoints%22%3A%5B%7B%7D%2C%7B%7D%5D%2C%22routes%22%3A%5B%5D%2C%22status%22%3A%22ZERO_RESULTS%22%2C%22request%22%3A%7B%22origin%22%3A%7B%22location%22%3A%7B%22lat%22%3A51.0504%2C%22lng%22%3A13.737300000000005%7D%7D%2C%22destination%22%3A%7B%22location%22%3A%7B%22lat%22%3A40.7127753%2C%22lng%22%3A-74.0059728%7D%7D%2C%22travelMode%22%3A%22DRIVING%22%7D%7D%2C%22id%22%3A47%7D%2C%228%22%3A%7B%22result_api%22%3A%7B%22geocoded_waypoints%22%3A%5B%7B%7D%2C%7B%7D%5D%2C%22routes%22%3A%5B%5D%2C%22status%22%3A%22ZERO_RESULTS%22%2C%22request%22%3A%7B%22origin%22%3A%7B%22location%22%3A%7B%22lat%22%3A49.7764%2C%22lng%22%3A12.091699999999946%7D%7D%2C%22destination%22%3A%7B%22location%22%3A%7B%22lat%22%3A40.7127753%2C%22lng%22%3A-74.0059728%7D%7D%2C%22travelMode%22%3A%22DRIVING%22%7D%7D%2C%22id%22%3A46%7D%2C%229%22%3A%7B%22result_api%22%3A%7B%22geocoded_waypoints%22%3A%5B%7B%7D%2C%7B%7D%5D%2C%22routes%22%3A%5B%5D%2C%22status%22%3A%22ZERO_RESULTS%22%2C%22request%22%3A%7B%22origin%22%3A%7B%22location%22%3A%7B%22lat%22%3A49.7764%2C%22lng%22%3A12.091699999999946%7D%7D%2C%22destination%22%3A%7B%22location%22%3A%7B%22lat%22%3A40.7127753%2C%22lng%22%3A-74.0059728%7D%7D%2C%22travelMode%22%3A%22DRIVING%22%7D%7D%2C%22id%22%3A44%7D%7D&view=grid
Request Method: POST
Status Code: 414 Request-URI Too Large
Remote Address: 127.0.0.1:3000
Referrer Policy: no-referrer-when-downgrade
Response Headersview source
Connection: close
Content-Length: 331
Content-Type: text/html; charset=ISO-8859-1
Date: Mon, 09 Apr 2018 18:40:48 GMT
Server: WEBrick/1.3.1 (Ruby/2.3.4/2017-03-30)
Request Headersview source
Accept: /
Accept-Encoding: gzip, deflate, br
Accept-Language: de-DE,de;q=0.9,en-US;q=0.8,en;q=0.7,pt-BR;q=0.6,pt;q=0.5
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 4338
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Cookie: _st_session=SkhkUk1HSHhSS1liRXVZbmZBZUcxcE1IZkhVcTNpYkFrWnNWbE5TaFY4b295c0RIVlJMQ09EbFVhQnJvWXA5OW5QeGY4dEhnREpUN09rZUR3eDVOM1UyWWRxcUllN3E2azM2TE0zakttbnZENzRmRU5lWGRHN0ZaNFh6c1MrVzBZd1R1Q1lDeGNGb1Z5M0ZGZ1hncTlUZG9kMnFHdUFuNXg4R01pckR3dHFhYzhtb0l2VW0rWWZwUVV2UGJ1bXQrWE1OVGhDREpTellKV3VKaDVEQnZNQ0FmYkRmL3BoZjVwUG8vNmRucnpuOG9jOUhXUnpWS2dCeC9NUWx0Y2ZNcmtuMDludWhybmxBUTAxNjhPNi95U2c9PS0tV2VqeWNBV3k1d1VrNDBnMEwxa0Z6Zz09--76684486bfaa221829f7d6c7f99d1833550ef865
Host: 127.0.0.1:3000
Origin: http://127.0.0.1:3000
Pragma: no-cache
Referer: http://127.0.0.1:3000/s?view=grid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36
X-CSRF-Token: rlyweDRRbVWVz+TC3MW+roDh2N9WFoAfAPT5oiC+k6LfCgMx4N4zbpfRP98UUT9H2y55Fzco9pI3MQjkuqkPng==
X-Requested-With: XMLHttpRequest
Query String Parametersview source
view URL encoded
param1: {"0":{"result_api":{"geocoded_waypoints":[{},{}],"routes":[],"status":"ZERO_RESULTS","request":{"origin":{"location":{"lat":-19.9245,"lng":-43.93520000000001}},"destination":{"location":{"lat":40.7127753,"lng":-74.0059728}},"travelMode":"DRIVING"}},"id":54},"1":{"result_api":{"geocoded_waypoints":[{},{}],"routes":[],"status":"ZERO_RESULTS","request":{"origin":{"location":{"lat":52.52,"lng":13.404999999999973}},"destination":{"location":{"lat":40.7127753,"lng":-74.0059728}},"travelMode":"DRIVING"}},"id":53},"2":{"result_api":{"geocoded_waypoints":[{},{}],"routes":[],"status":"ZERO_RESULTS","request":{"origin":{"location":{"lat":44.7866,"lng":20.44889999999998}},"destination":{"location":{"lat":40.7127753,"lng":-74.0059728}},"travelMode":"DRIVING"}},"id":52},"3":{"result_api":{"geocoded_waypoints":[{},{}],"routes":[],"status":"ZERO_RESULTS","request":{"origin":{"location":{"lat":37.9838,"lng":23.727499999999964}},"destination":{"location":{"lat":40.7127753,"lng":-74.0059728}},"travelMode":"DRIVING"}},"id":51},"4":{"result_api":{"geocoded_waypoints":[{},{}],"routes":[],"status":"ZERO_RESULTS","request":{"origin":{"location":{"lat":40.8518,"lng":14.268100000000004}},"destination":{"location":{"lat":40.7127753,"lng":-74.0059728}},"travelMode":"DRIVING"}},"id":50},"5":{"result_api":{"geocoded_waypoints":[{},{}],"routes":[],"status":"ZERO_RESULTS","request":{"origin":{"location":{"lat":48.0527,"lng":12.224500000000035}},"destination":{"location":{"lat":40.7127753,"lng":-74.0059728}},"travelMode":"DRIVING"}},"id":49},"6":{"result_api":{"geocoded_waypoints":[{},{}],"routes":[],"status":"ZERO_RESULTS","request":{"origin":{"location":{"lat":48.8566,"lng":2.3522199999999884}},"destination":{"location":{"lat":40.7127753,"lng":-74.0059728}},"travelMode":"DRIVING"}},"id":48},"7":{"result_api":{"geocoded_waypoints":[{},{}],"routes":[],"status":"ZERO_RESULTS","request":{"origin":{"location":{"lat":51.0504,"lng":13.737300000000005}},"destination":{"location":{"lat":40.7127753,"lng":-74.0059728}},"travelMode":"DRIVING"}},"id":47},"8":{"result_api":{"geocoded_waypoints":[{},{}],"routes":[],"status":"ZERO_RESULTS","request":{"origin":{"location":{"lat":49.7764,"lng":12.091699999999946}},"destination":{"location":{"lat":40.7127753,"lng":-74.0059728}},"travelMode":"DRIVING"}},"id":46},"9":{"result_api":{"geocoded_waypoints":[{},{}],"routes":[],"status":"ZERO_RESULTS","request":{"origin":{"location":{"lat":49.7764,"lng":12.091699999999946}},"destination":{"location":{"lat":40.7127753,"lng":-74.0059728}},"travelMode":"DRIVING"}},"id":44}}
view: grid
Form Dataview source
view URL encoded
param1: {"0":{"result_api":{"geocoded_waypoints":[{},{}],"routes":[],"status":"ZERO_RESULTS","request":{"origin":{"location":{"lat":-19.9245,"lng":-43.93520000000001}},"destination":{"location":{"lat":40.7127753,"lng":-74.0059728}},"travelMode":"DRIVING"}},"id":54},"1":{"result_api":{"geocoded_waypoints":[{},{}],"routes":[],"status":"ZERO_RESULTS","request":{"origin":{"location":{"lat":52.52,"lng":13.404999999999973}},"destination":{"location":{"lat":40.7127753,"lng":-74.0059728}},"travelMode":"DRIVING"}},"id":53},"2":{"result_api":{"geocoded_waypoints":[{},{}],"routes":[],"status":"ZERO_RESULTS","request":{"origin":{"location":{"lat":44.7866,"lng":20.44889999999998}},"destination":{"location":{"lat":40.7127753,"lng":-74.0059728}},"travelMode":"DRIVING"}},"id":52},"3":{"result_api":{"geocoded_waypoints":[{},{}],"routes":[],"status":"ZERO_RESULTS","request":{"origin":{"location":{"lat":37.9838,"lng":23.727499999999964}},"destination":{"location":{"lat":40.7127753,"lng":-74.0059728}},"travelMode":"DRIVING"}},"id":51},"4":{"result_api":{"geocoded_waypoints":[{},{}],"routes":[],"status":"ZERO_RESULTS","request":{"origin":{"location":{"lat":40.8518,"lng":14.268100000000004}},"destination":{"location":{"lat":40.7127753,"lng":-74.0059728}},"travelMode":"DRIVING"}},"id":50},"5":{"result_api":{"geocoded_waypoints":[{},{}],"routes":[],"status":"ZERO_RESULTS","request":{"origin":{"location":{"lat":48.0527,"lng":12.224500000000035}},"destination":{"location":{"lat":40.7127753,"lng":-74.0059728}},"travelMode":"DRIVING"}},"id":49},"6":{"result_api":{"geocoded_waypoints":[{},{}],"routes":[],"status":"ZERO_RESULTS","request":{"origin":{"location":{"lat":48.8566,"lng":2.3522199999999884}},"destination":{"location":{"lat":40.7127753,"lng":-74.0059728}},"travelMode":"DRIVING"}},"id":48},"7":{"result_api":{"geocoded_waypoints":[{},{}],"routes":[],"status":"ZERO_RESULTS","request":{"origin":{"location":{"lat":51.0504,"lng":13.737300000000005}},"destination":{"location":{"lat":40.7127753,"lng":-74.0059728}},"travelMode":"DRIVING"}},"id":47},"8":{"result_api":{"geocoded_waypoints":[{},{}],"routes":[],"status":"ZERO_RESULTS","request":{"origin":{"location":{"lat":49.7764,"lng":12.091699999999946}},"destination":{"location":{"lat":40.7127753,"lng":-74.0059728}},"travelMode":"DRIVING"}},"id":46},"9":{"result_api":{"geocoded_waypoints":[{},{}],"routes":[],"status":"ZERO_RESULTS","request":{"origin":{"location":{"lat":49.7764,"lng":12.091699999999946}},"destination":{"location":{"lat":40.7127753,"lng":-74.0059728}},"travelMode":"DRIVING"}},"id":44}}
view: grid
This is just a wild guess, but see if this helps:
url: window.location.href.replace(/\?.*$/, ''),
You definitely don't need to be passing along the get parameters that are in your href value, and this will strip them off. Perhaps the presence of any get parameters, even if it's just view-grid causes ajax to send your POST parameters as query parameters as well.
It turned out to be the missing contentType: "json", option.

fineuploader - Invalid policy document or request headers error

I'm trying to setup Fine-uploader s3 with cross domain signing. I've been struggling with it for two weeks now, going through every article on the internet and still can't get this to work. I'm, with exaggerating, very frustrated. I've started questioning every line of code and I get nowhere..
I keep receiving the following errors in the browser console:
XHR finished loading: OPTIONS "https://myserver.com/vendor/fineuploader/php-s3-server/endpoint-cors.php?v4=true".
util.js:241 [Fine Uploader 5.15.6] Invalid policy document or request headers!
XHR finished loading: POST "https://myserver.com/vendor/fineuploader/php-s3-server/endpoint-cors.php?v4=true".
util.js:241 [Fine Uploader 5.15.6] Policy signing failed. Invalid policy document or request headers!
I'm using the php server provided by fineuploader on github to sign documents. Here I've set my constants and modified
'access-control-allow-origin: https://myserver.com' and 'access-control-allow-credentials: true'.
My javascript uploader script client-side looks like this.
var uploader = new qq.s3.FineUploader({
element: document.getElementById("uploader"),
debug: true,
request: {
endpoint: 'BUCKET_NAME.s3-accelerate.amazonaws.com',
accessKey: 'ACCESS_KEY'
},
cors: {
//all requests are expected to be cross-domain requests
expected: true,
//if you want cookies to be sent along with the request
sendCredentials: true
},
objectProperties: {
bucket: 'BUCKET_NAME',
host: 's3-accelerate.amazonaws.com' // only needed for version 4 signatures
},
signature: {
endpoint: 'https://myserver.com/vendor/fineuploader/php-s3-server/endpoint-cors.php',
version: 4
},
uploadSuccess: {
endpoint: 'https://myserver.com/vendor/fineuploader/php-s3-server/endpoint-cors.php?success'
},
iframeSupport: {
localBlankPagePath: '/success.html'
},
validation: {
allowedExtensions: ["jpeg", "jpg", "png"],
acceptFiles: "image/jpeg, image/png",
sizeLimit: 10000000,
itemLimit: 1
},
retry: {
enableAuto: true // defaults to false
},
paste: {
targetElement: document,
promptForName: true
}
});
This is my header information
Request URL:https://MYSERVER.com/vendor/fineuploader/php-s3-server/endpoint-cors.php?v4=true
Request Method:OPTIONS
Status Code:200 OK
Remote Address:MY_IP
Referrer Policy:no-referrer-when-downgrade
Response Headers
view source
Access-Control-Allow-Credentials:true
Access-Control-Allow-Headers:Content-Type
Access-Control-Allow-Methods:OPTIONS
Access-Control-Allow-Origin:https://MY_WEBSITE.com
Connection:keep-alive
Content-Encoding:gzip
Content-Type:text/html; charset=UTF-8
Date:Wed, 31 Jan 2018 17:45:06 GMT
Host:127.0.0.1:8000
Server:nginx/1.10.3 (Ubuntu)
Transfer-Encoding:chunked
X-Powered-By:PHP/7.0.22-0ubuntu0.16.04.1
Request Headers
view source
Accept:*/*
Accept-Encoding:gzip, deflate, br
Accept-Language:da-DK,da;q=0.9,en-US;q=0.8,en;q=0.7
Access-Control-Request-Headers:content-type
Access-Control-Request-Method:POST
Connection:keep-alive
Host:aeoeaa.club
Origin:https://MY_WEBSITE.com
User-Agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36
Query String Parameters
view source
view URL encoded
v4:true
And
Request URL:https://MYSERVER/vendor/fineuploader/php-s3-server/endpoint-cors.php?v4=true
Request Method:POST
Status Code:200 OK
Remote Address:MY_IP
Referrer Policy:no-referrer-when-downgrade
Response Headers
view source
Access-Control-Allow-Credentials:true
Access-Control-Allow-Origin:https://MYWEBSITE.com
Connection:keep-alive
Content-Type:application/json
Date:Wed, 31 Jan 2018 17:45:07 GMT
Host:127.0.0.1:8000
Server:nginx/1.10.3 (Ubuntu)
Transfer-Encoding:chunked
X-Powered-By:PHP/7.0.22-0ubuntu0.16.04.1
Request Headers
view source
Accept:application/json
Accept-Encoding:gzip, deflate, br
Accept-Language:da-DK,da;q=0.9,en-US;q=0.8,en;q=0.7
Connection:keep-alive
Content-Length:461
Content-Type:application/json; charset=UTF-8
Host:MYSERVER.com
Origin:https://MYWEBSITE.com
Referer:https://MYWEBSITE.com/pages/testpage
User-Agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36
Query String Parameters
view source
view URL encoded
v4:true
Request Payload
view source
{expiration: "2018-01-31T17:50:06.323Z",…}
conditions
:
[{acl: "private"}, {bucket: "MY_BUCKET_NAME"}, {Content-Type: "image/jpeg"},…]
expiration
:
"2018-01-31T17:50:06.323Z"
Everything should be working but I still get the same error. I don't want any of the complicating features. I just want a simple upload to s3. But this seems impossible. I'll gladly supply more info. Anything to get this done. I'll even send a bottle of wine to the one solving it. Nothing I do helps..

AJAX function w/ Mailgun, getting "ERROR Request header field Authorization is not allowed by Access-Control-Allow-Headers"

I'm working on making an AJAX call that hit the Mailgun API to send email. Documentation on Mailgun says that post requests should be made to "https://api.mailgun.net/v3/domain.com/messages". I've included my api key as specified by mailgun (they instruct to use a username of 'api'). Since this involves CORS, I can't get past the error: Request header field Authorization is not allowed by Access-Control-Allow-Headers.
However, I've inspected the requests/responses in the Network tab and "Access-Control-Allow-Origin" in the response from Mailgun is set to "*"...which should indicate that it should allow it? (See request/response below): I've edited the actual domain and my API key.
Remote Address:104.130.177.23:443
Request URL:https://api.mailgun.net/v3/domain.com/messages
Request Method:OPTIONS
Status Code:200 OK
Request Headersview source
Accept:*/*
Accept-Encoding:gzip, deflate, sdch
Accept-Language:en-US,en;q=0.8
Access-Control-Request-Headers:accept, authorization
Access-Control-Request-Method:POST
Connection:keep-alive
Host:api.mailgun.net
Origin:null
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.115 Safari/537.36
Response Headersview source
Access-Control-Allow-Headers:Content-Type, x-requested-with
Access-Control-Allow-Methods:GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin:*
Access-Control-Max-Age:600
Allow:POST, OPTIONS
Connection:keep-alive
Content-Length:0
Content-Type:text/html; charset=utf-8
Date:Fri, 20 Mar 2015 19:47:29 GMT
Server:nginx/1.7.9
My code for the ajax call is below, in which I include my credentials in the headers and the domain to where the post is supposed to go. Not sure what's causing this not to work. Is it because I'm testing on local host? I didn't think that would make a difference since the "Access Control Allow Origin:*" in the response header. Any help would be greatly appreciated! Thank you.
function initiateConfirmationEmail(formObj){
var mailgunURL;
mailgunURL = "https://api.mailgun.net/v3/domain.com/messages"
var auth = btoa('api:MYAPIKEYHERE');
$.ajax({
type : 'POST',
cache : false,
headers: {"Authorization": "Basic " + auth},
url : mailgunURL,
data : {"from": "emailhere", "to": "recipient", etc},
success : function(data) {
somefunctionhere();
},
error : function(data) {
console.log('Silent failure.');
}
});
return false;
}
Drazisil is correct above. The response needs to include Access-Control-Allow-Headers: Authorization as you are including that header in your request and Authorization is not a simple header.

Sending OAuth access token in Jquery Ajax request

Following documentation i put together this simple request. Every time i run this request i still get a 401 Authorization Required. I know the access token is fine because i use the same token using get to populate my models and it works fine it's only when i use post and place my token in the request headers.
Anyone else had this issue before?
jQuery.ajax( {
url: 'http://customer-server-2.dev/api/documents/add/.json',
type: 'POST',
data : {
guid : $('.guid-input').val(),
title : $('.title-input').val(),
payload : $('.payload-input').val()
},
beforeSend : function( xhr ) {
xhr.setRequestHeader( 'Authorization', 'BEARER ' + app.AccessToken );
},
success: function( response ) {
console.log(response);
},
error : function(error) {
console.log(error);
}
} );
response header
HTTP/1.1 401 Authorization Required
Date: Wed, 08 Apr 2015 12:20:28 GMT
Server: Apache/2.2.26 (Unix) mod_fastcgi/2.4.6 mod_wsgi/3.4 Python/2.7.6
PHP/5.5.10 mod_ssl/2.2.26 OpenSSL/0.9.8za DAV/2 mod_perl/2.0.8 Perl/v5.18.2
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type, x-xsrf-token, Authorization
X-Powered-By: PHP/5.5.10
WWW-Authenticate: Bearer realm="Service", error="invalid_request", error_description="The access token was not found."
Content-Length: 81
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html
request header
OPTIONS /api/documents/add/.json HTTP/1.1
Host: customer-server-2.dev
Connection: keep-alive
Access-Control-Request-Method: POST
Origin: http://test-client-app.dev
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2354.0 Safari/537.36
Access-Control-Request-Headers: accept, authorization
Accept: /
Referer: http://test-client-app.dev/index.html
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8

Categories

Resources